Table of Contents
Uber ads are coming, and they’re already raising privacy concerns
Ubers’ new journey ads will be shown in the Uber app at least three times during the riders’ journey. The new feature will let brands place ads using data drawn from riders’ travel history and their precise geographic destinations, according to Uber. In an example from The Wall Street Journal, if a user books an Uber to a specific retailer, cinema or airport, for example, a company could buy ads centered on that location.
How the new ads will work. Though not available globally yet, Uber is testing the ads with a few brands at launch. The new product will also let brands sponsor an entire trip, starting with when a rider first calls a car. The ad spots will be sold on a per-trip basis instead of digital advertising’s common pricing by consumer impression, let brands show a user different ads at three points in the user’s trip: while waiting for a car, while riding in the car and upon reaching the destination.
The rider can also conduct transactions, such as clicking the ad to buy a product without leaving the Uber app, said Mark Grether, general manager of Uber Advertising. Separate pilot programs in the U.S. and India will also include ads on in-car tablets, he said.
Privacy concerns. It’s not news to anyone that the US has been facing abortion rights issues. With Uber’s new ad targeting products based on riders’ trip history, we have to wonder what this means for sensitive situations such as a rider who has taken a trip to an abortion provider.
Although this does raise concerns, platforms such as Google, Meta, and Simpli.fi have been tracking users’ locations for many years. The FTC even sued data broker Kachava Inc. this past August claiming that the broker was selling data that tracks people at sensitive locations such as reproductive clinics and places of worship.
According to The Wall Street Journal article, Uber’s advertising policy forbids targeting users by factors such as race, religion or sexual orientation, and it also prohibits basing ad targeting on certain types of destinations, including government buildings, hospitals and reproductive-health centers.
What Uber says. An Uber spokeswoman said the company doesn’t share individual users’ data with advertisers. The data it does share is aggregated information or data related to ad-campaign performance, she said. Users can opt-out of targeted ads on the Uber app at any time, said Grether.
Source: Uber ads are coming, and they’re already raising privacy concerns
Google Spam Algorithm Update Rolling Out Now
Google confirms an algorithm update targeted at fighting spam is rolling out to search results worldwide and in all languages.
Google estimates the October 2022 spam update will take several days to roll out.
Exact details about spam updates are rarely provided, except in cases where they target specific types of spam, such as last year’s link spam update.
Google regularly rolls out spam updates to maintain the quality of its search results. Spam updates are designed to improve Google’s automated systems that are constantly running in the background to detect spam in search results.
If you’re following the Google Search Essentials, formerly known as the Google Webmaster Guidelines, it’s likely you don’t much much to worry about with respect to the October 2022 spam update.
Source: Google Spam Algorithm Update Rolling Out Now
Webinar: 5 ways to improve content strategy in 2023
Digital content creation and management have never been more complicated. These workflows now need to accommodate remote workers and resources, worldwide offices, and security and privacy concerns, not to mention the growing need for content and creative teams to produce more content in less time.
So how are the most successful content and creative teams currently executing production and managing workflows? To answer these questions and more, Canto surveyed over 600 professionals involved in their organization’s production, management and/or strategy for content and creative assets.
Register today for “5 Ways to Improve your Content Workflows and Strategy in 2023,” presented by Canto, and get the survey results to learn content strategies, workflows and technology that have made these organizations successful.
Source: Webinar: 5 ways to improve content strategy in 2023
WordPress Security Update 6.0.3 Patches 16 Vulnerabilities
WordPress 6.0.3 started rolling out this week. The latest security release patches 16 vulnerabilities.
WordPress 6.0.3 fixes nine stored and reflected cross-site scripting (XSS) vulnerabilities, as well as open redirect, data exposure, cross-site request forgery (CSRF), and SQL injection flaws.
WordPress security company Defiant has shared a description of each vulnerability. Four of them have a ‘high severity’ rating, and the rest have ‘medium’ or ‘low’ severity.
“We have determined that these vulnerabilities are unlikely to be seen as mass exploits but several of them could offer a way for skilled attackers to exploit high-value sites using targeted attacks,” the company warned.
Another high-severity flaw is a reflected XSS that can be exploited for arbitrary code execution by an unauthenticated attacker via a specially crafted search query in the media library. Exploitation requires user interaction and creating a payload is not easy, but Defiant believes this could be the most exploitable vulnerability in this release due to the attacker not needing to be authenticated.
The third high-severity issue is a SQL injection that could be exploited by a third-party plugin or theme — the WordPress core itself is not affected.
The last severe issue is a CSRF bug that can be leveraged by an unauthenticated attacker to trigger a trackback on behalf of a legitimate user, but social engineering is required for successful exploitation.
WordPress websites that support automatic background updates will be patched automatically. The next major release is version 6.1, planned for November 1.
According to Sucuri’s Website Threat Research Report for 2021, WordPress websites accounted for more than 95% of CMS infections, and roughly one-third of the sites on which the cybersecurity firm detected a credit card skimmer were running WordPress.
Source: WordPress Security Update 6.0.3 Patches 16 Vulnerabilities